G Suite users targeted by widespread phishing attempt

On Wednesday, May 3rd, a widespread phishing attack targeted G Suite users to obtain access to Gmail, Contacts, and Docs.

Affected individuals received an email that contained a link that appeared to be a shared Google Doc from a person they knew. However, upon clicking the link Google prompted individuals to authorize an application named “Google Docs”. This malicious application attempted to obtain access to the user’s Gmail account and Google Contacts.

During this attack, more than 500 UW-Madison G Suite accounts were compromised. Through concurrent efforts, Google and the UW-Madison G Suite team removed the malicious application from affected accounts.

While Google has committed to better detection and prevention of attacks like this, we suspect that this type of attack will be used again. We ask that you exercise caution whenever you are asked to authorize an application.